SAP SAP Enterprise Application Software

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any SAP product.

RSS Feeds for SAP security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in SAP products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by SAP Sorted by Most Security Vulnerabilities since 2018

SAP NetWeaver47 vulnerabilities

SAP Netweaver As Abap43 vulnerabilities

SAP Business One29 vulnerabilities

SAP Solution Manager29 vulnerabilities

SAP Netweaver Abap22 vulnerabilities

SAP Commerce Cloud17 vulnerabilities

SAP S4hana16 vulnerabilities

SAP Enable Now14 vulnerabilities

SAP Host Agent13 vulnerabilities

SAP Abap Platform12 vulnerabilities

SAP Web Dispatcher11 vulnerabilities

SAP S4core10 vulnerabilities

SAP Businessobjects9 vulnerabilities

SAP Landscape Management8 vulnerabilities

SAP Cloud Connector8 vulnerabilities

SAP Commerce7 vulnerabilities

Sapscore7 vulnerabilities

SAP S4 Hana6 vulnerabilities

SAP Basis6 vulnerabilities

SAP Hana Database6 vulnerabilities

SAP Business Warehouse5 vulnerabilities

SAP Bw4hana5 vulnerabilities

SAP S4fnd5 vulnerabilities

SAP Powerdesigner5 vulnerabilities

SAP Content Server5 vulnerabilities

SAP Sql Anywhere5 vulnerabilities

SAP Fiori Launchpad4 vulnerabilities

SAP Gui For Windows4 vulnerabilities

SAP Ui4 vulnerabilities

SAP Netweaver As Abap Kernel3 vulnerabilities

SAP Graphical User Interface3 vulnerabilities

SAP Fiori3 vulnerabilities

SAP Commoncryptolib3 vulnerabilities

SAP Diagnostics Agent3 vulnerabilities

SAP Bank Account Management2 vulnerabilities

SAP Document Builder2 vulnerabilities

SAP Master Data Governance2 vulnerabilities

Known Exploited SAP Vulnerabilities

The following SAP vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Title Description Added
SAP NetWeaver Deserialization Vulnerability SAP NetWeaver Visual Composer Metadata Uploader contains a deserialization vulnerability that allows a privileged attacker to compromise the confidentiality, integrity, and availability of the host system by deserializing untrusted or malicious content.
CVE-2025-42999 Exploit Probability: 18.1%
May 15, 2025
SAP NetWeaver Unrestricted File Upload Vulnerability SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries.
CVE-2025-31324 Exploit Probability: 61.2%
April 29, 2025
SAP NetWeaver Directory Traversal Vulnerability SAP NetWeaver Application Server (AS) Java contains a directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS that allows a remote attacker to read arbitrary files via a .. (dot dot) in the query string.
CVE-2017-12637 Exploit Probability: 91.9%
March 19, 2025
SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability SAP Commerce Cloud (formerly known as Hybris) contains a deserialization of untrusted data vulnerability within the mediaconversion and virtualjdbc extension that allows for code injection.
CVE-2019-0344 Exploit Probability: 34.1%
September 30, 2024
SAP Multiple Products HTTP Request Smuggling Vulnerability SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server and SAP Web Dispatcher allow HTTP request smuggling. An unauthenticated attacker can prepend a victim's request with arbitrary data, allowing for function execution impersonating the victim or poisoning intermediary Web caches.
CVE-2022-22536 Exploit Probability: 93.9%
August 18, 2022
SAP NetWeaver Unrestricted File Upload vulnerability SAP NetWeaver contains a vulnerability that allows unrestricted file upload.
CVE-2021-38163 Exploit Probability: 88.3%
June 9, 2022
SAP NetWeaver SQL Injection Vulnerability SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2016-2386 Exploit Probability: 44.3%
June 9, 2022
SAP NetWeaver Information Disclorsure Vulnerability The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request.
CVE-2016-2388 Exploit Probability: 56.1%
June 9, 2022
SAP NetWeaver AS JAVA CRM Remote Code Execution Vulnerability SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
CVE-2018-2380 Exploit Probability: 45.3%
November 3, 2021
SAP NetWeaver AS JAVA Remote Code Execution Vulnerability The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request.
CVE-2010-5326 Exploit Probability: 26.4%
November 3, 2021
SAP NetWeaver AS JAVA XXE Vulnerability BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.
CVE-2016-9563 Exploit Probability: 41.1%
November 3, 2021
SAP Netweaver JAVA remote unauthenticated access vulnerability SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system.
CVE-2020-6287 Exploit Probability: 94.4%
November 3, 2021
SAP Solution Manager Missing Authentication Check Complete Compromise of SMD Agents vulnerability SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager.
CVE-2020-6207 Exploit Probability: 94.3%
November 3, 2021
SAP NetWeaver AS Java 7.1 - 7.5 Directory Traversal Vulnerability Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971.
CVE-2016-3976 Exploit Probability: 77.8%
November 3, 2021

Of the known exploited vulnerabilities above, 5 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings. 8 known exploited SAP vulnerabilities are in the top 5% (95th percentile or greater) of the EPSS exploit probability rankings.

By the Year

In 2025 there have been 2 vulnerabilities in SAP with an average score of 9.8 out of ten. Last year, in 2024 SAP had 85 security vulnerabilities published. Right now, SAP is on track to have less security vulnerabilities in 2025 than it did last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 3.93.




Year Vulnerabilities Average Score
2025 2 9.80
2024 85 5.87
2023 165 6.69
2022 187 6.70
2021 204 6.73
2020 207 6.24
2019 123 6.67
2018 127 6.93

It may take a day or so for new SAP vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent SAP Security Vulnerabilities

SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content

CVE-2025-42999 - May 13, 2025

SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries

CVE-2025-31324 9.8 - Critical - April 24, 2025

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.

Unrestricted File Upload

SAP BusinessObjects BI Platform Information Disclosure Vulnerability

CVE-2024-32732 - December 10, 2024

Under certain conditions SAP BusinessObjects Business Intelligence platform allows an attacker to access information which would otherwise be restricted.This has low impact on Confidentiality with no impact on Integrity and Availability of the application.

Exposure of Sensitive System Information to an Unauthorized Control Sphere

SAP Commerce Cloud Assisted Service Module Information Disclosure Vulnerability

CVE-2024-47577 - December 10, 2024

Webservice API endpoints for Assisted Service Module within SAP Commerce Cloud has information disclosure vulnerability. When an authorized agent searches for customer to manage their accounts, the request url includes customer data and it is recorded in server logs. If an attacker impersonating as authorized admin visits such server logs, then they get access to the customer data. The amount of leaked confidential data however is extremely limited, and the attacker has no control over what data is leaked.

Cleartext Transmission of Sensitive Information

SAP NetWeaver ABAP Privilege Escalation Vulnerability

CVE-2024-47585 - December 10, 2024

SAP NetWeaver Application Server for ABAP and ABAP Platform allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks, resulting in privilege escalation. While authorizations for import and export are distinguished, a single authorization is applied for both, which may contribute to these risks. On successful exploitation, this can result in potential security concerns. However, it has no impact on the integrity and availability of the application and may have only a low impact on data confidentiality.

AuthZ

SAP NetWeaver Administrator SSRF Vulnerability

CVE-2024-54197 - December 10, 2024

SAP NetWeaver Administrator(System Overview) allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in Server-Side Request Forgery (SSRF) which could have a low impact on integrity and confidentiality of data. It has no impact on availability of the application.

SSRF

SAP NetWeaver AS ABAP RFC Request Credential Exposure Vulnerability

CVE-2024-54198 - December 10, 2024

In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely compromise the remote service, potentially resulting in a significant impact on the confidentiality, integrity, and availability of the application.

Improper Control of Dynamically-Identified Variables

SAP NetWeaver AS Java (System Landscape Directory) Authorization Bypass Vulnerability

CVE-2024-42372 - November 12, 2024

Due to missing authorization check in SAP NetWeaver AS Java (System Landscape Directory) an unauthorized user can read and modify some restricted global SLD configurations causing low impact on confidentiality and integrity of the application.

AuthZ

SAP NetWeaver ABAP Kernel Null Pointer Dereference Denial of Service Vulnerability

CVE-2024-47586 - November 12, 2024

SAP NetWeaver Application Server for ABAP and ABAP Platform allows an unauthenticated attacker to send a maliciously crafted http request which could cause a null pointer dereference in the kernel. This dereference will result in the system crashing and rebooting, causing the system to be temporarily unavailable. There is no impact on Confidentiality or Integrity.

NULL Pointer Dereference

SAP NetWeaver Java Software Update Manager 1.1 Credential Exposure Vulnerability

CVE-2024-47588 - November 12, 2024

In SAP NetWeaver Java (Software Update Manager 1.1), under certain conditions when a software upgrade encounters errors, credentials are written in plaintext to a log file. An attacker with local access to the server, authenticated as a non-administrative user, can acquire the credentials from the logs. This leads to a high impact on confidentiality, with no impact on integrity or availability.

Insufficiently Protected Credentials

SAP NetWeaver AS Java Unauthenticated User ID Brute Force Vulnerability

CVE-2024-47592 - November 12, 2024

SAP NetWeaver AS Java allows an unauthenticated attacker to brute force the login functionality in order to identify the legitimate user IDs. This has an impact on confidentiality but not on integrity or availability.

SAP NetWeaver ABAP Server File Disclosure Vulnerability

CVE-2024-47593 - November 12, 2024

SAP NetWeaver Application Server ABAP allows an unauthenticated attacker with network access to read files from the server, which otherwise would be restricted.This attack is possible only if a Web Dispatcher or some sort of Proxy Server is in use and the file in question was previously opened or downloaded in an application based on SAP GUI for HTML Technology. This will not compromise the application's integrity or availability.

SAP NetWeaver AS ABAP Privilege Escalation Vulnerability

CVE-2024-47595 7.1 - High - November 12, 2024

An attacker who gains local membership to sapsys group could replace local files usually protected by privileged access. On successful exploitation the attacker could cause high impact on confidentiality and integrity of the application.

Incorrect Privilege Assignment

SAP BusinessObjects Business Intelligence Platform

CVE-2024-37179 6.5 - Medium - October 08, 2024

SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a specially crafted request to the Web Intelligence Reporting Server to download any file from the machine hosting the service, causing high impact on confidentiality of the application.

Unrestricted File Upload

The SAP HANA Node.js client package versions from 2.0.0 before 2.21.31 is impacted by Prototype Pollution vulnerability

CVE-2024-45277 4.3 - Medium - October 08, 2024

The SAP HANA Node.js client package versions from 2.0.0 before 2.21.31 is impacted by Prototype Pollution vulnerability allowing an attacker to add arbitrary properties to global object prototypes. This is due to improper user input sanitation when using the nestTables feature causing low impact on the availability of the application. This has no impact on Confidentiality and Integrity.

Prototype Pollution

SAP Commerce Backoffice does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability

CVE-2024-45278 5.4 - Medium - October 08, 2024

SAP Commerce Backoffice does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application.

XSS

Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method

CVE-2024-45282 5.3 - Medium - October 08, 2024

Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations. Confidentiality and Availability are not impacted.

Trusting HTTP Permission Methods on the Server Side

SAP NetWeaver Enterprise Portal (KMC) does not sufficiently encode user-controlled inputs

CVE-2024-47594 5.4 - Medium - October 08, 2024

SAP NetWeaver Enterprise Portal (KMC) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability in KMC servlet. An attacker could craft a script and trick the user into clicking it. When a victim who is registered on the portal clicks on such link, confidentiality and integrity of their web browser session could be compromised.

XSS

Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will

CVE-2024-44112 4.3 - Medium - September 10, 2024

Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow them to delete non-sensitive entries in a user data table. There is no effect on confidentiality or availability.

AuthZ

Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform

CVE-2024-41728 2.7 - Low - September 10, 2024

Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impact on confidentiality, as this attacker would otherwise not have access to view these objects.

AuthZ

SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program

CVE-2024-44114 2.7 - Low - September 10, 2024

SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program that reveals data over the network. This results in a minimal impact on confidentiality of the application.

AuthZ

SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users

CVE-2024-42373 5.4 - Medium - August 13, 2024

SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. On successful exploitation it could allow an attacker to delete non-sensitive report variants that are typically restricted, causing minimal impact on the integrity of the application.

AuthZ

Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction

CVE-2024-41734 4.3 - Medium - August 13, 2024

Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user related information. There is no impact on integrity or availability.

AuthZ

SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.

CVE-2024-39591 5.3 - Medium - August 13, 2024

SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.

AuthZ

Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP and Java), and SAP Content Server

CVE-2024-33005 6.3 - Medium - August 13, 2024

Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP and Java), and SAP Content Server can impersonate other users and may perform some unintended actions. This could lead to a low impact on confidentiality and a high impact on the integrity and availability of the applications.

AuthZ

SAP NetWeaver Application Server ABAP allows an unauthenticated attacker to craft a URL link that could bypass allowlist controls

CVE-2024-41732 5.4 - Medium - August 13, 2024

SAP NetWeaver Application Server ABAP allows an unauthenticated attacker to craft a URL link that could bypass allowlist controls. Depending on the web applications provided by this server, the attacker might inject CSS code or links into the web application that could allow the attacker to read or modify information. There is no impact on availability of application.

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network

CVE-2024-41731 4.3 - Medium - August 13, 2024

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. On successful exploitation, the attacker can cause a low impact on the Integrity of the application.

Unrestricted File Upload

SAP shared service framework

CVE-2024-42377 4.3 - Medium - August 13, 2024

SAP shared service framework allows an authenticated non-administrative user to call a remote-enabled function, which will allow them to insert value entries into a non-sensitive table, causing low impact on integrity of the application

AuthZ

SAP Shared Service Framework does not perform necessary authorization check for an authenticated user

CVE-2024-42376 6.5 - Medium - August 13, 2024

SAP Shared Service Framework does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. On successful exploitation, an attacker can cause a high impact on confidentiality of the application.

AuthZ

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network

CVE-2024-42375 4.3 - Medium - August 13, 2024

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. On successful exploitation, the attacker can cause a low impact on the Integrity of the application.

Unrestricted File Upload

SAP CRM ABAP (Insights Management)

CVE-2024-41737 5 - Medium - August 13, 2024

SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of the application.

SSRF

Under certain conditions SAP Permit to Work

CVE-2024-41736 4.3 - Medium - August 13, 2024

Under certain conditions SAP Permit to Work allows an authenticated attacker to access information which would otherwise be restricted causing low impact on the confidentiality of the application.

Information Disclosure

SAP Commerce Backoffice does not sufficiently encode user-controlled inputs

CVE-2024-41735 5.4 - Medium - August 13, 2024

SAP Commerce Backoffice does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability causing low impact on confidentiality and integrity of the application.

XSS

In SAP Commerce, valid user accounts can be identified during the customer registration and login processes

CVE-2024-41733 5.3 - Medium - August 13, 2024

In SAP Commerce, valid user accounts can be identified during the customer registration and login processes. This allows a potential attacker to learn if a given e-mail is used for an account, but does not grant access to any customer data beyond this knowledge. The attacker must already know the e-mail that they wish to test for. The impact on confidentiality therefore is low and no impact to integrity or availability

Information Disclosure

In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an unauthorized user

CVE-2024-41730 9.8 - Critical - August 13, 2024

In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint. The attacker can fully compromise the system resulting in High impact on confidentiality, integrity and availability.

AuthZ

BEx Web Java Runtime Export Web Service does not sufficiently validate an XML document accepted from an untrusted source

CVE-2024-42374 8.2 - High - August 13, 2024

BEx Web Java Runtime Export Web Service does not sufficiently validate an XML document accepted from an untrusted source. An attacker can retrieve information from the SAP ADS system and exhaust the number of XMLForm service which makes the SAP ADS rendering (PDF creation) unavailable. This affects the confidentiality and availability of the application.

aka Blind XPath Injection

Some OCC API endpoints in SAP Commerce Cloud

CVE-2024-33003 9.1 - Critical - August 13, 2024

Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII) data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters. On successful exploitation, this could lead to a High impact on confidentiality and integrity of the application.

Information Disclosure

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network

CVE-2024-28166 4.3 - Medium - August 13, 2024

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. On successful exploitation, the attacker can cause a low impact on the Integrity of the application.

Unrestricted File Upload

SAP CRM WebClient does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges

CVE-2024-37175 6.5 - Medium - July 09, 2024

SAP CRM WebClient does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to access some sensitive information.

AuthZ

SAP S/4HANA Finance (Advanced Payment Management) does not perform necessary authorization check for an authenticated user

CVE-2024-37172 5.4 - Medium - July 09, 2024

SAP S/4HANA Finance (Advanced Payment Management) does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. As a result, it has a low impact to confidentiality and availability but there is no impact on the integrity.

AuthZ

SAP Transportation Management (Collaboration Portal)

CVE-2024-37171 5 - Medium - July 09, 2024

SAP Transportation Management (Collaboration Portal) allows an attacker with non-administrative privileges to send a crafted request from a vulnerable web application. This will trigger the application handler to send a request to an unintended service, which may reveal information about that service. The information obtained could be used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability. There is no effect on integrity or availability of the application.

SSRF

Due to missing verification of file type or content, SAP Enable Now allows an authenticated attacker to upload arbitrary files

CVE-2024-34692 4.6 - Medium - July 09, 2024

Due to missing verification of file type or content, SAP Enable Now allows an authenticated attacker to upload arbitrary files. These files include executables which might be downloaded and executed by the user which could host malware. On successful exploitation an attacker can cause limited impact on confidentiality and Integrity of the application.

Unrestricted File Upload

WebFlow Services of SAP Business Workflow

CVE-2024-34689 5 - Medium - July 09, 2024

WebFlow Services of SAP Business Workflow allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of the application.

SSRF

Under certain conditions, the memory of SAP GUI for Windows contains the password used to log on to an SAP system, which might

CVE-2024-39600 4.2 - Medium - July 09, 2024

Under certain conditions, the memory of SAP GUI for Windows contains the password used to log on to an SAP system, which might allow an attacker to get hold of the password and impersonate the affected user. As a result, it has a high impact on the confidentiality but there is no impact on the integrity and availability.

Information Disclosure

Elements of PDCE does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges

CVE-2024-39592 6.5 - Medium - July 09, 2024

Elements of PDCE does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This allows an attacker to read sensitive information causing high impact on the confidentiality of the application.

AuthZ

SAP Landscape Management allows an authenticated user to read confidential data disclosed by the REST Provider Definition response

CVE-2024-39593 5.7 - Medium - July 09, 2024

SAP Landscape Management allows an authenticated user to read confidential data disclosed by the REST Provider Definition response. Successful exploitation can cause high impact on confidentiality of the managed entities.

Information Disclosure

SAP CRM (WebClient UI Framework)

CVE-2024-39598 7.7 - High - July 09, 2024

SAP CRM (WebClient UI Framework) allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of the application.

SSRF

Due to weak encoding of user-controlled input in SAP NetWeaver Knowledge Management XMLEditor which

CVE-2024-34685 6.1 - Medium - July 09, 2024

Due to weak encoding of user-controlled input in SAP NetWeaver Knowledge Management XMLEditor which allows malicious scripts can be executed in the application, potentially leading to a Cross-Site Scripting (XSS) vulnerability. This has no impact on the availability of the application but it has a low impact on its confidentiality and integrity.

XSS

Due to insufficient input validation, SAP CRM WebClient UI

CVE-2024-37173 6.1 - Medium - July 09, 2024

Due to insufficient input validation, SAP CRM WebClient UI allows an unauthenticated attacker to craft a URL link which embeds a malicious script. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify information with no effect on availability of the application.

XSS

Custom CSS support option in SAP CRM WebClient UI does not sufficiently encode user-controlled inputs resulting in Cross-Site Scripting vulnerability

CVE-2024-37174 6.1 - Medium - July 09, 2024

Custom CSS support option in SAP CRM WebClient UI does not sufficiently encode user-controlled inputs resulting in Cross-Site Scripting vulnerability. On successful exploitation an attacker can cause limited impact on confidentiality and integrity of the application.

XSS

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.